#4
The Hacker News
general
July 07, 2026 at 05:16 UTC
BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA
By [email protected] (The Hacker News)
AI Summary
BeyondTrust patched two critical pre-authentication vulnerabilities in its Remote Support (RS) and Privileged Remote Access (PRA) products: CVE-2026-40138 (CVSS 9.2) and a second flaw, both allowing unauthenticated attackers to take control of devices. Given BeyondTrust's prior exploitation history (a critical PRA/RS RCE was weaponized in late 2024), these flaws in privileged access management software are a high-priority patching concern.
Relevance score: 89.0/100
Sponsored
Protect Your Business
Expert cybersecurity solutions to safeguard your organization from evolving threats.
Get Protected →